Explore account takeover attacks and mitigations including modern authentication with 2FA/passkeys, and anti-bot measures to enhance account security.

Being able to test and validate rule behavior is critical to a maintainable WAF. With our WAF Simulator, you can validate rules in a safe simulation environment.

We have observed active exploitation attempts targeting three high-severity CVEs: CVE-2024-2194, CVE-2023-6961, and CVE-2023-40000.

In this post, we will discuss a low latency approach to detect these attacks by co-locating the password hashes in a KV Store, along with Compute on Fastly’s edge.

To gain a broader understanding of the threat landscape during "Cyber 5" weekend, we analyzed attack activities with a particular focus on commerce sites.

We're excited to announce Fastly's new WAF Simulator, which simplifies the testing process and provides the following key benefits.

Vulnerabilities are an unfortunate inevitability. However, when using a WAF there are options for your security teams while waiting for a patch.

We have discovered two instances of insecure deserialization in Cacti versions prior to 1.2.25, tracked as CVE-2023-30534.

In this post, we'll explore the application vulnerability directory traversal. What is it and how can you protect your apps from it?

Announcing the Network Effect Threat Report, Fastly’s threat intelligence report with insights based on unique data from April to June of 2023

What is an OS Command Injection? In this blog, we'll explore the web application vulnerability, OS Command Injection, and how to prevent it.

What you need to know about CVE-2023-34362: Progress MOVEit Transfer SQL Injection Vulnerability